Re: Privacy (su UID value in desktop entry standard)

From: linas linas org (Linas Vepstas)
To: "C. Gatzemeier" <c gatzemeier tu-bs de>
Cc: Linas Vepstas <linas linas org>, Charles Goodwin <charlie xwt org>, Lars Hallberg <lah micropp se>, gnucash-devel gnucash org, xdg-list redhat com, Gnome Office <gnome-office-list gnome org>, xdg-list freedesktop org, desktop-devel-list gnome org
Subject: Re: Privacy (su UID value in desktop entry standard)
Date: Fri, 19 Mar 2004 09:22:11 -0600

Hi,

On Fri, Mar 19, 2004 at 12:38:04PM +0100, C. Gatzemeier was heard to remark:
> Am Freitag, 19. M?rz 2004 05:11 schrieb Linas Vepstas:
> > On Thu, Mar 18, 2004 at 08:12:23PM +0100, C. Gatzemeier was heard to remark:
> > > If you have KDE running you can try the following, seems to work pretty
> > > nice. kdesu -u [user] gnucash
> > > (I am sure there are also Gnome etc. variants available)
> >
> > Yes, this was discussed a bit; It works, but falls somewhat into
> > the "put it in a HOWTO" category, since there is some non-trivial
> > sysadmin work to set up the 'protected' user.
> [...]
> 
> I am scratching my head here a little, and wondering what kind of 
> functionality you are picturing. I think the desktop-su-HOWTO style taste 
> shoud go away with proper GUI integration.

You can stop scratching your head, I think you've got it exactly right.

> Let me draw this little scenario:
> 
> A future Deskop distribution is set up to boot right into the graphical 
> desktop logged in as a local guest (or think family) user.
> Things can be done just as usual. But if one wants to do somthing private he 
> obviously will unavoidably need a private account (easily set up). He 
> notices/can see he has two alternatives. 
> One he can click on the session aware pager to switch to a parallel running 
> session, log in, and do anything in his own homedirectory.
> 
> Alternatively he just fires up the desired app.
> 
> Mail, bookkeeping programs etc. can be installed "asking for 
> authentication" (install script will have set up a desktop entry with 
> "prompt-for-run-as-username")
> Other apps can also be right-clicked and be "run as..." And of course the 
> property to "allways run as ..." is there so just the password without extra 
> username is asked.
> 
> Windows running under different UID than the session are titled including 
> username like "Lokal Folder - KMail [Christian]" and could have a "window 
> lock" timeout" analogous to xlock.

Yes, all of the above exactly as described.

> >  Do I need to 'kdesu -u bookeeper konqueror'
> > to do graphical file management? 
> >
> > Remember, my goal was to allow my proverbial computer-novice-mom
> > to keep her accounting files under lock and key, while otherwise
> > keeping the desktop open to all.
> 
> I'd picture a system aware filebrowser to just ask our computer-novice-moms 
> for appropriate user/group passwords when she is about to open her locked 
> directory or file instead of "accsess denied"
> 
> Could it be that easy?

Yes. It SHOULD be that easy.

Follow-Ups:
- Re: Privacy (su UID value in desktop entry standard)
  - From: George
- Re: Privacy (su UID value in desktop entry standard)
  - From: C. Gatzemeier

References:
- Re: Privacy (su UID value in desktop entry standard)
  - From: C. Gatzemeier
- Re: Privacy (su UID value in desktop entry standard)
  - From: Linas Vepstas
- Re: Privacy (su UID value in desktop entry standard)
  - From: C. Gatzemeier

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]